Lucene search
K

4334 matches found

ATTACKERKB
ATTACKERKB
added 2026/01/20 8:48 p.m.3 views

CVE-2026-21641

HackerOne community member Jad Ghamloush 0xjad has reported an authorization bypass vulnerability in the tracker-delete.php script of Revive Adserver. Users with permissions to delete trackers are mistakenly allowed to delete trackers owned by other accounts...

7.1CVSS5.4AI score0.00227EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/01/20 8:48 p.m.15 views

CVE-2026-21641

HackerOne community member Jad Ghamloush 0xjad has reported an authorization bypass vulnerability in the tracker-delete.php script of Revive Adserver. Users with permissions to delete trackers are mistakenly allowed to delete trackers owned by other accounts...

7.1CVSS0.00227EPSS
Exploits0References1
CVE
CVE
added 2026/01/20 8:48 p.m.14 views

CVE-2026-21641

Revive Adserver CVE-2026-21641 is an authorization bypass in the tracker-delete.php script. Reported by HackerOne, the issue allows users with delete-tracker permissions to delete trackers owned by other accounts. Verified across multiple sources (NVD, RH, CIRCL, CVE List, EUVD, AttackeRKB, etc.)...

7.1CVSS5.5AI score0.00227EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/01/20 12:0 a.m.6 views

PT-2026-3658

HackerOne community member Jad Ghamloush 0xjad has reported an authorization bypass vulnerability in the tracker-delete.php script of Revive Adserver. Users with permissions to delete trackers are mistakenly allowed to delete trackers owned by other accounts...

7.1CVSS5.5AI score0.00227EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 8 : tracker-miners-2.1.5-2.el8_9.1 (AXSA:2024-7359:01)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-7359:01 advisory. tracker-miners: sandbox escape CVE-2023-5557 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note tha...

7.7CVSS5.6AI score0.00867EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.9 views

MiracleLinux 9 : tracker-miners-3.1.2-4.el9_3 (AXSA:2023-7044:02)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-7044:02 advisory. tracker-miners: sandbox escape CVE-2023-5557 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note tha...

7.7CVSS5.6AI score0.00867EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/01/20 12:0 a.m.7 views

Revive Adserver security vulnerability

Revive Adserver is a set of open-source advertising management systems developed by the Revive Adserver team. This system offers functions such as advertising placement, ad slot management, and data statistics. There is a security vulnerability in Revive Adserver; this vulnerability stems from an...

7.1CVSS7AI score0.00227EPSS
Exploits0References2
NVD
NVD
added 2026/01/18 11:15 p.m.6 views

CVE-2025-15538

A security vulnerability has been detected in Open Asset Import Library Assimp up to 6.0.2. Affected by this vulnerability is the function Assimp::LWOImporter::FindUVChannels of the file /src/assimp/code/AssetLib/LWO/LWOMaterial.cpp. Such manipulation leads to use after free. The attack needs to ...

7.8CVSS0.00165EPSS
Exploits1References6
OSV
OSV
added 2026/01/18 11:15 p.m.8 views

CVE-2025-15538

A security vulnerability has been detected in Open Asset Import Library Assimp up to 6.0.2. Affected by this vulnerability is the function Assimp::LWOImporter::FindUVChannels of the file /src/assimp/code/AssetLib/LWO/LWOMaterial.cpp. Such manipulation leads to use after free. The attack needs to ...

7.8CVSS4.9AI score
Exploits0References6
Debian CVE
Debian CVE
added 2026/01/18 11:2 p.m.5 views

CVE-2025-15538

A security vulnerability has been detected in Open Asset Import Library Assimp up to 6.0.2. Affected by this vulnerability is the function Assimp::LWOImporter::FindUVChannels of the file /src/assimp/code/AssetLib/LWO/LWOMaterial.cpp. Such manipulation leads to use after free. The attack needs to ...

7.8CVSS4.9AI score0.00165EPSS
Exploits1
NVD
NVD
added 2026/01/16 7:16 p.m.9 views

CVE-2025-61873

Best Practical Request Tracker RT before 4.4.9, 5.0.9, and 6.0.2 allows CSV Injection via ticket values when TSV export is used...

2.6CVSS0.00193EPSS
Exploits0References1
OSV
OSV
added 2026/01/16 7:16 p.m.3 views

UBUNTU-CVE-2025-61873

Best Practical Request Tracker RT before 4.4.9, 5.0.9, and 6.0.2 allows CSV Injection via ticket values when TSV export is used...

2.6CVSS5.8AI score0.00193EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/01/16 12:0 a.m.3 views

CVE-2025-61873

Best Practical Request Tracker RT before 4.4.9, 5.0.9, and 6.0.2 allows CSV Injection via ticket values when TSV export is used...

2.6CVSS6.8AI score0.00193EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/16 12:0 a.m.3 views

CVE-2025-61873

Best Practical Request Tracker RT before 4.4.9, 5.0.9, and 6.0.2 allows CSV Injection via ticket values when TSV export is used...

2.6CVSS5.4AI score0.00193EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/01/16 12:0 a.m.21 views

CVE-2025-61873

Best Practical Request Tracker RT before 4.4.9, 5.0.9, and 6.0.2 allows CSV Injection via ticket values when TSV export is used...

2.6CVSS0.00193EPSS
Exploits0References1
CVE
CVE
added 2026/01/16 12:0 a.m.21 views

CVE-2025-61873

Summary: CVE-2025-61873 affects Best Practical Request Tracker (RT). The connected Debian advisory confirms the issue is a CSV injection vulnerability in RT exports to TSV from search results, caused by ticket values containing certain characters and exported in TSV, enabling injection. Debian li...

2.6CVSS6.6AI score0.00193EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:34 p.m.7 views

CVE-2023-45024

Best Practical Request Tracker RT 5 before 5.0.5 allows Information Disclosure via a transaction search in the transaction query builder...

7.5CVSS6.6AI score0.00596EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:11 p.m.4 views

CVE-2018-18898

The email-ingestion feature in Best Practical Request Tracker 4.1.13 through 4.4 allows denial of service by remote attackers via an algorithmic complexity attack on email address parsing...

7.5CVSS6.9AI score0.02356EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:54 a.m.8 views

CVE-2009-4350

SQL injection vulnerability in index.php in Arctic Issue Tracker 2.1.1 allows remote attackers to execute arbitrary SQL commands via the 1 matchingsid or 2 matchingstitle parameters in a Login action to an unspecified program, or 3 the matchingsid parameter in a search action to index.php, a...

7.5CVSS8.7AI score0.02285EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:35 a.m.7 views

CVE-2021-41645

Remote Code Execution RCE vulnerability exists in Sourcecodester Budget and Expense Tracker System 1.0 that allows a remote malicious user to inject arbitrary code via the image upload field...

8.8CVSS8AI score0.03098EPSS
Exploits1References1
Rows per page
Query Builder